DETAILED ACTION

1. Applicant's amendment filed on February 28, 2005 has been entered. 
Claims 1-20 are pending. Claims 1, 7-9, 10, and 14 are also amended by the applicant. 

Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 1-20 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Murphy (US 6,226,744 B1), and further in view of Carper et al (US 6,480,935 B1). 

a. Referring to claim 1: 

i. Murphy teaches: 

(1) a communications network in operative 
communication with said smart card terminal [i.e., Figure 1, a smart card 10 is 
inserted into a smart card reader 12, which is inserted into a 3.5" floppy disk drive 
of a client terminal, wherein the terminal having a network connection or modem 
connection to WWW 16 (column 4, line 33-40)]; and

(2) a central data base server in operative 
communication with said communication network [i.e., client terminal 14 is in 
communication with a secure gateway server 18, a secure server 22, and an 
administrative server 24 via WWW 16 (column 4, line 44-46)], and 

(a) including a plurality of application-specific 
partitioned memory locations [i.e., Figure 2, main memory 24 may be any type of 
machine readable storage device, such as RAM, ROM, PROM, and EEPROM 
(column 5, line 8-13). Furthermore, Servers 18, 22 and 24 are in communication 
with a database 26. In this embodiment of the invention, database 26 is a 
relational database stored on a database computer external to servers 18, 20, 22 
and 24. It can be appreciated, however, that database 26 could be stored on
servers 18, 20, 22 or 24 and still fall within the scope of the invention (column 4,
lines 50-55)], wherein 

(b) at least one of said application-specific 
partitioned memory locations contains information associated with an authorized user of 
said smart card [i.e., secure gateway server 18 includes a main memory module, 
performing read and write information (that is "information associated with an 
authorized user") to smart card (column 6, line 18-19)], whereby 

(c) said information being accessible through said 
smart card terminal via at least one of said memory-economizing data pointers 
contained within said smart card [i.e., information from the card is accessed using 
the program and a PIN, and is compared with server information (column 4, line 
23-25)]. 

ii. However, Murphy does not explicitly mention: 

(1) a plurality of application-specific partitioned memory 
locations; and memory allocation uses memory-economizing data pointers within said 
smart card. 

iii. Carper teaches: 

(1) Carper's invention makes full use of a predictable 
data record format and an efficient file directory structure. While subject to variation and 
programmer definition, the data record format provides a basis by which the memory 
management record may be recreated upon smart card initialization by interrogation of 
the various data object stored in read/write memory. The file directory is flexible and 
able to accurately identify all data objects persistent in read/write memory, while 
occupying a minimum of memory space itself, that is similar to "memory-economizing 
data pointers" (column 3, lines 9-19). In addition, memory allocation is made by the 
memory manager on an "as needed" basis, such that records, files, and data objects 
are stored in a minimum of memory space. When the OS or an application requires a 
block of memory, it requests the desired amount from the memory manager. The 
memory manager identifies and allocates the smallest available block of read/write 
memory capable of satisfying the request. This process reduces memory space
fragmentation and allows optimal use of the memory space. Effective memory
management requires a reference. At any given moment, the reference must 
accurately indicate which portions of memory are in use and which portions are 
available for allocation. Alternatively, an accounting or a polling algorithm might be used
to monitor memory use. A memory management reference can take advantage of the 
fact that commercial memory devices are often divided into data blocks having a 
minimum or nominal size (column 4, lines 32-49). Furthermore, such macro- 
partitioning of EPROM between data types, or between individual applications is 
common in conventional smart cards. Often, the partitioning creates a fixed memory 
queue in which one application is written behind the next until the queue is full (e.g. 
application-specific). Once the queue is full no additional programs may be loaded onto
the smart card (column 2, lines 43-48).

iv. It would have been obvious to a person having ordinary skill 
in the art at the time the invention was made to: 

(1) include such smart card memory allocation and 
deallocation in Murphy's Figure 2, since all requests for smart card memory definition 
(allocation and deallocation) are controlled by the memory manager, memory integrity 
and security are assured (column 2, lines 54-56 of Carper). 

v. The ordinary skilled person would have been motivated to:

(1) include such smart card memory allocation and
deallocation in Murphy's Figure 2, since memory allocation may be made dynamically
on an as-needed basis, the smart card memory may be efficiently used, and need not
be pre-allocated or defined by arbitrary boundaries (column 2, lines 57-60 of Carper).

b. Referring to claim 2:

i. Murphy further teaches: 

(1) a central time/date authority in operative 
communication with said communications network [i.e., Figure 2, an authentication 
module resides within the secure gateway server which is in communication with 
network via WWW 16 (column 4, line 44-46 and line 60)],

(a) said central time/date authority providing a time
verification that is associated with said information transmitted between said central 
database server and said smart card terminal [i.e., authentication information was 
stored in database 26 by the same CA (Certified Authority) that issued smart card 
10 to user (column 6, line 34-37). Any type of user data (that is "a time 
verification") can be used and still fall within the scope of the invention (column 
14, line 65-66)]. 

c. Referring to claims 3-4: 

i. Murphy further teaches: 

(1) wherein said communication network is part of a 
public-switched telephone network; wherein said communication network communicates 
with said smart card terminal via plain old telephone system (POTS) [i.e., Murphy's 
invention includes a method and apparatus for authenticating users of a network, such 
as the Internet or WWW, this clearly involves "public-switched telephone network and 
plain old telephone system (POTS)". Each network user is assigned a smart card that 
can be inserted into a smart card reader, that can in turn be inserted into a 3.5" floppy 
disk drive of a PC. User information is stored on the smart card. Authentication is 
accomplished by sending messages from the network (e.g., an Internet web site) to the 
user's PC to interrogate the smart card (column 3, line 66 through column 4, line 7)].

d. Referring to claim 5: 

i. Murphy further teaches: 

(1) communications network includes the Internet [i.e., 
such networks are the Internet (column 1, line 60-61)]. 

e. Referring to claim 6: 

i. Murphy further teaches:

(1) central database server comprises a network smart 
card server and a plurality of interconnected database servers [i.e., Figure 1, servers 
18, 20, 22, and 24 (column 4, line 47-48)]. 

f. Referring to claim 7: 

i. Murphy further teaches:

(1) wherein at least one of said application-specific
partitioned memory locations includes both a restricted data portion containing 
information regarding said authorized user accessible to a first predetermined group of 
network users [i.e., whenever a user desires to access restricted information 
stored at various servers protected by secure gateway server 18, the user only 
has to be authenticated once, then accesses a server having restricted 
information (column 6, line 58-63)], and 

(2) a public data portion containing information regarding 
said authorized user that is accessible to a second predetermined group of network 
users [i.e., a user was not limited to the information stored on their own computer, 
but could gain access to information stored on hundreds, even thousands, of 
individual computers linked together by a single network (column 1, line 57-60)]. 

g. Referring to claim 8: 

i. This claim has limitations that are similar to those of claims 2
and 7, thus it is rejected with the same rationale applied against claims 2 and 7 above. 

h. Referring to claim 9: 

i. This claim has limitations that are similar to those of claims 1
and 7, thus it is rejected with the same rationale applied against claims 1 and 7 above. 

i. Referring to claim 10: 

i. Murphy teaches: 

(1) providing at least one smart card terminal for 
receiving and communicatively interacting with said smart card [i.e., Figure 1, a smart 
card 10 is inserted into a smart card reader 12, which is inserted into a 3.5" floppy 
disk drive of a client terminal (column 4, line 33-37)]; 

(2) verifying authorization for a desired application that is 
selected at said smart card terminal for said smart card transaction; transmitting at least 
an authorization code associated with said smart card both through a communication 
network and to a network smart card server that includes a plurality of application- 
specific partitioned memory locations [i.e., information from the card is accessed 
using the program and a PIN or an access code, and is compared with server
information (column 4, line 23-25). In addition, the specific data being stored and
retrieved from the smart card in this example of a smart card interface module is
in the form of a user's social security number (SSN) for use in authenticating the
user. It can be appreciated, however, that any type of data could be stored or
retrieved from the smart card, such as tickets, certificates, public/private keys,
and so forth (column 7, line 22-28)];

(3) utilizing at least one memory-economizing data 
pointer provided by said authorization code to point to information relating to said 
authorized user that is contained in at least one of said application-specific partitioned 
memory locations [i.e., authentication information (that is "information relating to
said authorized user") was stored in database 26 by the same CA (Certified
Authority), such as tokens, digital signatures, certificates, etc., that issued smart
card 10 to user (column 5, line 54-57 and column 6, line 34-37)]; and

(4) transmitting said information through said 
communications network to said smart card terminal [i.e., authentication module 32 
uses the smart card interface module and the PIN to access and read/write user 
information from/to smart card 10 via WWW 16 (column 6, line 29-32)]. 

ii. However, Murphy does not explicitly mention: 

(1) a plurality of application-specific partitioned memory 
locations within said smart card, and memory-economizing data pointers within said 
smart card. 

iii. Carper teaches: 

(1) Carper's invention makes full use of a predictable 
data record format and an efficient file directory structure. While subject to variation and 
programmer definition, the data record format provides a basis by which the memory 
management record may be recreated upon smart card initialization by interrogation of 
the various data object stored in read/write memory. The file directory is flexible and 
able to accurately identify all data objects persistent in read/write memory, while 
occupying a minimum of memory space itself, that is similar to "memory-economizing 
data pointers" (column 3, lines 9-19). In addition, memory allocation is made by the
memory manager on an "as needed" basis, such that records, files, and data objects
are stored in a minimum of memory space. When the OS or an application requires a 
block of memory, it requests the desired amount from the memory manager. The 
memory manager identifies and allocates the smallest available block of read/write 
memory capable of satisfying the request. This process reduces memory space 
fragmentation and allows optimal use of the memory space. Effective memory 
management requires a reference. At any given moment, the reference must 
accurately indicate which portions of memory are in use and which portions are 
available for allocation. Alternatively, an accounting or a polling algorithm might be used
to monitor memory use. A memory management reference can take advantage of the 
fact that commercial memory devices are often divided into data blocks having a 
minimum or nominal size (column 4, lines 32-49; for further details of how memory 
is being partitioned, see Figures 3-5 and column 6, line 10 through column 9, line 
13). Furthermore, such macro-partitioning of EPROM between data types, or between 
individual applications is common in conventional smart cards. Often, the partitioning 
creates a fixed memory queue in which one application is written behind the next until 
the queue is full (e.g., application-specific). Once the queue is full no additional 
programs may be loaded onto the smart card (column 2, lines 43-48). 

iv. It would have been obvious to a person having ordinary skill 
in the art at the time the invention was made to: 

(1) include such smart card memory allocation and 
deallocation in Murphy's Figure 2, since all requests for smart card memory definition 
(allocation and deallocation) are controlled by the memory manager, memory integrity 
and security are assured (column 2, lines 54-56 of Carper). 

v. The ordinary skilled person would have been motivated to:

(1) include such smart card memory allocation and
deallocation in Murphy's Figure 2, since memory allocation may be made dynamically
on an as-needed basis, the smart card memory may be efficiently used, and need not
be pre-allocated or defined by arbitrary boundaries (column 2, lines 57-60 of Carper).

j. Referring to claim 11:

i. Murphy further teaches:

(1) modifying said information as accessed at said smart 
card terminal; transmitting said information as modified to said network smart card 
server; and storing said information as modified in at least one of said application- 
specific partitioned memory locations [i.e., this claim has some limitations that are
similar to those of claim 1, thus it is rejected with the same rationale applied 
against claim 1 above. In addition, Figure 1, a situation may arise where a user 
may want to access/change user information on smart card, the administrative 
module allows a user to verify and change a PIN. Any user modifications made at 
administrative server 24 are replicated to user's authentication profile stored in 
database 26 (column 7, line 5-10)]. 

k. Referring to claim 12: 

i. This claim has limitations that are similar to those of claim 2,
thus it is rejected with the same rationale applied against claim 2 above.

l. Referring to claim 13:

i. This claim has limitations that are similar to those of claim 11,
thus it is rejected with the same rationale applied against claim 11 above.

m. Referring to claim 14:

i. Murphy teaches: 

(1) a microprocessor programmed to receive an
authorization code associated with said smart card, said authorization code 
representing at least one memory-economizing data pointer for pointing to authorized 
user related information contained within at least one memory location within said first 
or second plurality of application-specific partitioned memory locations [i.e., this claim 
has some limitations that are similar to those of claim 1, thus it is rejected with the
same rationale applied against claim 1 above. In addition, Figure 2, the overall 
functioning of secure gateway server is controlled by a central processing unit 
(CPU) 26, which operates under the control of executed computer program 
instructions that are stored in main memory (column 4, line 66-67 and column 5,
line 1-2). Bus adapter 30 is used for transferring data back and forth between
CPU/memory bus and I/O bus (column 5, line 37-38)]. 

n. Referring to claim 15: 

i. Murphy further teaches: 

(1) wherein said information contained in first plurality of 
application-specific partitioned memory locations is access-designated public data for 
said smart card transactions [i.e., this claim has some limitations that are similar to
those of claims 1 and 14, thus it is rejected with the same rationale applied 
against claims 1 and 14 above. In addition, a user was not limited to the 
information stored on their own computer, but could gain access to information 
stored on hundreds, even thousands, of individual computers linked together by 
a single network (column 1, line 57-60)]. 

o. Referring to claim 16:

i. This claim has limitations that are similar to those of claim 15,
thus it is rejected with the same rationale applied against claim 15 above.

p. Referring to claim 17:

i. This claim has limitations that are similar to those of claim 1,
thus it is rejected with the same rationale applied against claim 1 above.

q. Referring to claim 18:

i. Murphy further teaches: 

(1) one of said first plurality of application-specific 
partitioned memory locations is located on a separate database server accessible 
through a communication network [i.e., this claim has some limitations that are
similar to those of claims 1 and 14, thus it is rejected with the same rationale 
applied against claims 1 and 14 above. In addition, Figure 1, Secure gateway 
server 18 is in communication with WWW 16, whereas database 26 could be 
stored on server 18 as well (column 4, line 54)].

r. Referring to claims 19-20:

i. These claims have limitations that are similar to those of
claims 3-4, thus they are rejected with the same rationale applied against claims 3-4
above.

Response to Argument 

4. Applicant's arguments filed February 28, 2005 have been fully considered 
but they are not persuasive. 

Applicant argues that: 

The suggestion to combine the references must not come from the 
Applicant's proposed invention itself. 

Examiner totally disagrees and still maintains that: 

In response to applicant's argument addressed above, the fact that 
applicant has recognized another advantage which would flow naturally from following 
the suggestion of the prior art cannot be the basis for patentability when the differences 
would otherwise be obvious. See Ex parte Obiaya, 227 USPQ 58, 60 (Bd. Pat. App. & 
Inter. 1985). Furthermore, in response to applicant's argument that there is no 
suggestion to combine the references, the examiner recognizes that obviousness can 
only be established by combining or modifying the teachings of the prior art to produce 
the claimed invention where there is some teaching, suggestion, or motivation to do so 
found either in the references themselves or in the knowledge generally available to one 
of ordinary skill in the art. See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 
1988) and In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992). In this case,
the combination of Murphy and Carper teaches the claimed subject matter and the
combination is sufficient. In fact, Murphy/Carper do not need to disclose anything over 
and above the invention as claimed in order to render it unpatentable or anticipate. A 
recitation of the intended use of the claimed invention must result in a structural 
difference between the claimed invention and the prior art in order to patentably 
distinguish the claimed invention from the prior art. If the prior art structure is capable of 
performing the intended use, then it meets the claimed limitations. For the above 
reasons, it is believed that the rejections should be sustained. 

Conclusion

5. Applicant's amendment necessitated the new ground(s) of rejection
presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See 
MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 
37 CFR 1.136(a). 

a. Duursma et al (US 6,643,690 B2) discloses an apparatus and
method for determining a program neighborhood of a client node in a client-server
network. The program neighborhood of the client node includes application
programs hosted by application servers on the network (see abstract).

A shortened statutory period for reply to this final action is set to expire 
THREE MONTHS from the mailing date of this action. In the event a first reply is filed 
within TWO MONTHS of the mailing date of this final action and the advisory action is 
not mailed until after the end of the THREE-MONTH shortened statutory period, then 
the shortened statutory period will expire on the date the advisory action is mailed, and 
any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date 
of the advisory action. In no event, however, will the statutory period for reply expire 
later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Thanhnga (Tanya) Truong whose telephone number 
is 571-272-3858. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Kim Vu, can be reached on 571-272-3859. The fax and phone
number for the organization where this application or proceeding is assigned is
703-872-9306.

Any inquiry of a general nature or relating to the status of this 
application or proceeding should be directed to the receptionist whose telephone 
number is 571-272-2100. 

TBT 

November 23, 2004 




